Singapore a hot spot for business e-mail scams, malicious Web addresses, says Trend Micro

Singapore also emerged as a "hotbed" for hosting malicious URLs among South-east Asian countries, accounting for 68.1 per cent of such attacks.
Singapore also emerged as a "hotbed" for hosting malicious URLs among South-east Asian countries, accounting for 68.1 per cent of such attacks.PHOTO: ST FILE

SINGAPORE - Singapore is the most vulnerable country in South-east Asia for business e-mail compromise scams and a hot spot for hosting malicious Web addresses, according to cyber-security solutions provider Trend Micro.

About 27.3 per cent of business e-mail compromise (BEC) incidents that Trend Micro detected in South-east Asia took place in Singapore. This was followed by Malaysia, with 26.1 per cent; and Indonesia, with 25 per cent.

In a typical BEC attack, attackers initiate or intercept communication with a decision-maker of a company with the ability to release funds or conduct wire transfers as payment for services or as part of normal operations. In most cases, that would be the chief executive or an executive with similar powers, the report explained.

As BEC attacks usually rely on social engineering tactics, the fraudulent e-mails typically contain no malware and go undetected by traditional security measures, Trend Micro said.

Singapore also emerged as a "hotbed" for hosting malicious URLs among South-east Asian countries, accounting for 68.1 per cent of such attacks. But as a target, Singapore only accounted for 19.8 per cent of malware attacks detected, which was second in the region. Malaysia represented 29.3 per cent of malware attacks in South-east Asia - the most in the region.

Singapore also ranked third in South-east Asia for experiencing the most e-mail threats including spam, accounting for 10.9 per cent of the incidents detected. Vietnam was first in the region, with 46.2 per cent, followed by Indonesia, with 21.3 per cent.

Mr Nilesh Jain, vice-president of South-east Asia and India at Trend Micro, said that attackers have become more targeted in their campaigns, eschewing the "spray and pray" style.

 
 

"Enterprises need to strengthen their cyber defences at every touch point, namely, on the endpoint, in the cloud, and at the network layer," he said.

According to TrendMicro, the number of BEC attacks in 2018 increased by 28 per cent globally. More sophisticated and less frequent than phishing attacks, these attacks yield approximately $177,000 per attack on average.

The South-east Asia countries examined include Singapore, Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Thailand, Timor Leste and Vietnam.